OUTLI NE of NI CT OUTLI NE of NI CT I NTRODUCTI ON of R&D ACTI - - PowerPoint PPT Presentation

1 1

OUTLI NE of NI CT OUTLI NE of NI CT

～ ～ I NTRODUCTI ON of R&D ACTI VI TI ES for I NTRODUCTI ON of R&D ACTI VI TI ES for I NFORMATI ON SECURI TY I NFORMATI ON SECURI TY ～ ～ Yuichi Matsushima Yuichi Matsushima

Executive Director; I nformation and Network Systems Department Executive Director; I nformation and Network Systems Department NI CT: NI CT: National I nstitute of I nformation and Communications Technology National I nstitute of I nformation and Communications Technology Japan Japan 15 November 2005 15 November 2005

2 2

Outline Outline

1.

• 1. Outline of NI CT: organization and activities;

Outline of NI CT: organization and activities;

2.

• 2. Overview the Ubiquitous Network Society (UNS)

Overview the Ubiquitous Network Society (UNS) Research Programs by MI C, Japan; Research Programs by MI C, Japan;

3.

• 3. Research Strategy for the I nformation Security

Research Strategy for the I nformation Security in NI CT; in NI CT;

• 4. R&D Activities for I nformation Security Center;
• 4. R&D Activities for I nformation Security Center;

3 3

１． １． Outline of NI CT: Outline of NI CT:

• rganization and activities;
• rganization and activities;

情報通信研究機構

Koganei Head Office www.nict.go.jp address: 4-2-1 Nukui-Kitamachi, Koganei, Tokyo 184-8795 Japan

4 4

2001 Communications Research Laboratory 1979 Telecommunications and Broadcasting Satellite Organization

Incorporated Administrative Agency

National Laboratory Certified Institution

1992 Telecommunications Advancement Organization 1988 Communications Research Lab 1952 Radio Research Lab ▼ ▼ ▼

National Institute of Information and National Institute of Information and Communications Technology Communications Technology NICT: after merger of CRL and TAO in April 2004 NICT: after merger of CRL and TAO in April 2004

2004 2004

5 5

Outline of NI CT Outline of NI CT

Establishment date: April 1, 2004 Mid-term plan: April 2001 through March 2006 Budget & Personnel: Budget: about ¥59.6 billion (US$ 514 M) Personnel： Full-time employees, about 480 Tenure researchers: 305 (Ph.D: 186) Non-permanent researchers: 600 (PD, Graduate

students included)

6 6

MIC (The Ministry of Internal Affairs and Communications) MIC (The Ministry of Internal Affairs and Communications)

NICT NICT

Medium-Term Goals (2001-2005) Medium-Term Goals (2001-2005) Annual Plan Annual Plan Mid-Term Plan (2001-2005) Mid-Term Plan (2001-2005)

Review Committee on each IAA Review Committee on each IAA Results reviewed every year

Opinions on medium- term goals and plans

Operating Expenses Operating Expenses

Commission

Policy Evaluation and Evaluation Committee on All IAA Policy Evaluation and Evaluation Committee on All IAA

President President

I ncorporated Administrative Agency

7 7

Organizational structure of NICT Organizational structure of NICT

President and 5 Vice-presidents General Affairs Strategic planning Information and network systems Wireless communications Applied research & standard Basic & advanced research

Extramural R&D Funding Intramural R&D

R&D Management Collaborative Research management Key Technology research management Information and communications promotion

Advisory committee

General affairs Finance

Research Planning

Top Management Partially support this joint conference

8 8

International Collaborative Research Grant Scheme International Collaborative Research Grant Scheme

(Advanced Technology Research and Development Grant) (Advanced Technology Research and Development Grant)

①Acceptance of Grant Application (Beginning of the FY2006) ②Proposal of Research and Development Plan ③Grant Approval

The proposal is selected by the comprehensive evaluation.

Screening Committee （Outside Experts）

（Shiba Headquarters）

International Collaborative Research Grant Advanced Technology Research and Development Grant

④Achievement Report

Communication and Broadcasting Service Enrichment Research and Development Grant for the Senior and the Handicapped

Advanced Technology Research and Development Grant （Telecom Incubation）

Good idea! Short of money ・・ ・Venture Company ・The Senior and The Handicapped Service Company ・International Collaborative Research Team, etc Since 1996 Since 1995 Since 1997

⑤Grant Payment (end of the FY2006)

9 9

Basic Research, Applied research, Basic Research, Applied research, and Funding for New Business and Funding for New Business

Basic Research Applied Research New Business Intramural R&D

High-risk Long-term R&D for New Business Promotion

Extramural R&D Funding

Crossing the Valley of Death Collaboration with Industries and Universities

10 10

• 2. Overview of UNS Strategic Programs
• 2. Overview of UNS Strategic Programs
• 2. Overview of UNS Strategic Programs
• 2. Overview of UNS Strategic Programs

ICT R&D Programs for the Ubiquitous Network Society ICT R&D Programs for the Ubiquitous Network Society ICT R&D Programs for the Ubiquitous Network Society ICT R&D Programs for the Ubiquitous Network Society

• For the

For the U Ubiquitous biquitous N Network etwork S Society (UNS)

• ciety (UNS)
• U

Universal Communications niversal Communications

• N

New Generation Networks ew Generation Networks

• S

Security and Safety ecurity and Safety

• The Telecommunications Council ; Ministry of

The Telecommunications Council ; Ministry of Internal Affairs and Communications Internal Affairs and Communications

• Issued July 2005

Issued July 2005

11 11

Direction of I CT Research and Development Direction of I CT Research and Development

Creating knowledge: Bring out the potential of individual and promote the creation of value through various areas of knowledge. Using knowledge: Various issues in society can be solved and advanced; easy-to-use services as well as people-friendly communication realized.

Promote intellectual dynamism

ICT security / safety: Ensure the dependability of ICT as a social infrastructure as well as its security / safety. ICT for security / safety: Utilize ICT to solve issues in various fields: healthcare, welfare, food, agriculture, crime prevention, disaster reduction, and the urban / natural environment. International competitiveness in ICT: contribute to the world through playing a leading role in international standardization; create new technology generating a paradigm shift. International competitiveness through ICT: Enhance Japan’s international competitiveness through the advanced use of ICT; develop the world’s leading ubiquitous network society.

Maintain /improve international competitiveness Establish a secure and safe society

12 12

Priority Areas Priority Areas in I CT Research and Development in I CT Research and Development

Enable Japan to maintain / strengthen international competitiveness in core technologies: optical, mobile, and devices Advanced basic technologies enable Japan to play a leading role in global ICT development

New Generation Networks Technologies ICT Security and Safety Technologies Priority areas in ICT Research and Development

Direction in R&D

Ensure security / safety of ICT networks that are the basis of social and economic activities ICT Technologies to ensure security to realize a safe / secure social environment

International competitiveness in ICT International competitiveness through ICT

Maintain / strengthen international competitiveness

ICT security / safety ICT for security / safety

Establish a secure and safe society Priority areas in ICT research and development were set based on the direction of R&D Content creation technologies promoting intellectual creativity of individuals Communication technologies transcending barriers in language, culture, and physical capabilities

Universal Communications Technologies

Creating knowledge Using knowledge Promote intellectual dynamism

13 13

• 3. Research Strategy for
• 3. Research Strategy for
• 3. Research Strategy for
• 3. Research Strategy for

the Information Security in NICT the Information Security in NICT the Information Security in NICT the Information Security in NICT

14 14

• 4. R&D Activities for
• 4. R&D Activities for
• 4. R&D Activities for
• 4. R&D Activities for

Information Security Center Information Security Center Information Security Center Information Security Center

Objectives

15 15

I nformation Security Center Government Security Organizations

Support for R&D Feedback to National Policy Collaboration on R&D

Role as powerful central force that advances research and development in Japan

Talent exchange

I ndustrial world

Collaboration on R&D Collaboration on R&D Talent exchange

University and Research Laboratories

Sharing of latest information

Role of Information Security Center Role of Information Security Center Role of Information Security Center Role of Information Security Center

16 16

I nformation Security Connection Engine

Telecom-I SAC Japan

Joint ownership of incident information & analysis technique by I SP

NI RT

Research・Ｒｅｐｏｒｔ・Ａｄｖｉｃｅ About I nformation security

• f Electric government

against each Ministry & Government Office

CRYPTREC

Objective evaluate of code technology & reliability

Improvement of Security level in our Country Improvement of Security level in our Country

Tight Cooperation

NICT & Reflection of NICT & Reflection of NICT & Reflection of NICT & Reflection of Quick Results Quick Results Quick Results Quick Results

I nformation Security Unit

• Against cyber attack, to realize

function of advanced analysis center and reinforcement technology of network security

• Researching & developing a code・

certification technology, realizing strength maintenance of code in electric government

• Aiming research & development to

become our country bullet, realizing the test bed that such research

• rganization as experimental system

for illegal access reproduction

• Considering telecommunications

during emergency situation such as natural disasters, to cooperate and to reinforce realization of big-scale proof field

I AA Alliance

Security of disaster restoration and safety confirmation

Government

17 17

Advanced common security technology for encryption, authentication, etc. Establishment of security at user level Advanced technology for measures against cyber attacks Establishment of important telecommunications during emergency situations such as natural disasters

Establishment of security for a ubiquitous environment combining cable and wireless Establishment of crisis management in terms of telecommunications

Research & Development Image Research & Development Images Research & Development Image Research & Development Images

• f Information Security Center
• f Information Security Center
• f Information Security Center
• f Information Security Center

Establishment of a test bed for R&D on information security

18 18

IAA System IAA System IAA Syste IAA System

• A system for registering and retrieving victim information by internet at the time of large-

scale disasters, and for retrieving with complete agreement of victims’ names or nom de plume.

• Main registering items: victims’ safeties, names (nom de plume), and the others (addresses、

blood types、physic characteristics、etc.).

• I n examination of systems to use more closely practicing our results to have ever done.
• A system for registering and retrieving victim information by internet at the time of large-

scale disasters, and for retrieving with complete agreement of victims’ names or nom de plume.

• Main registering items: victims’ safeties, names (nom de plume), and the others (addresses、

blood types、physic characteristics、etc.).

• I n examination of systems to use more closely practicing our results to have ever done.

地球磁気圏

Cellular phone PC

FAX

The number of registrating/retreiving in Niigata Cyuuetsu earthquake

Results(correspondence・practice at the time

• f the other disasters etc.）

・Sumatra offing earthquake in 2004 ・Tokachi offing earthquake in 2003 ・ Miyagi offing earthquake in 2002 ・Synchronized terrorist attacks in USA in 2001

IAA

Internet

Researchers

10,000 20,000 30,000 40,000 50,000 60,000 70,000 80,000 90,000 10/27 11/1 11/6 11/11 11/16 11/21 11/26 12/1 12/6 100 200 300 400 500 600 700 800 900

検索 登録

検索件数 登録件数

19 19

Security Integrated Operation Studio, SIOS Security Integrated Operation Studio, SIOS Security Integrated Operation Studio, SIOS Security Integrated Operation Studio, SIOS

To be able to expand each resources connecting with network To be able to expand each resources connecting with network

→ → Realizing nearer realistic environment

Realizing nearer realistic environment

• Reappearing flexibly network organization

Reappearing flexibly network organization

• Taking outside resources in a large scale

Taking outside resources in a large scale

• Tight security

Tight security

SIOS (Hardware simulator) VM Nebula (Software simulator) Star BED (Monster cluster computer)

JGNII

Outside node Outside node Remote control ・ monitoring system

VPN bass V P N b a s s

20 20

I nformation Security Service in Telecom-I SAC Japan

Members/ Non- members

• Wide -area

monitoring system

(Commission Research) Monster colleｃtion database

Operation Center (I SAC)

Probe system country

Method A Method B Method C Method D Method E Method F Method G Method H

Virus A Virus C Virus B

Advanced Analysis Center( I ndependent Research) Analyzing computer

Incident Handling System（IHS）(In Operation)

Log Analysis System Log Analysis System Log Analysis System Log Analysis System

Researchers

21 21

A Crisis of Hush Function

A simple version of SHA-1 in August of 2004（A version which decreased 36steps to 80steps） Beginning that a collision between MD4 and MD5 was reported (easy forgery)、a crisis of Hush function to be pivot of an electric signature etc.

Applied Examples in Applied Examples in Hush Function Hush Function I nfluence Degree I nfluence Degree Future Counter Measures Future Counter Measures Electric signatures Electric signatures There is it (under the present conditions, There is it (under the present conditions, the electric signature method is not the electric signature method is not recognized except SHA recognized except SHA-

• 1)

1) I nstalling an anti I nstalling an anti-

• public key code

public key code measure WG in CRYPTREC, leading the measure WG in CRYPTREC, leading the revision of electric signatures methods revision of electric signatures methods.

.

Time stamps Time stamps There is it (I nfluences to long There is it (I nfluences to long-

• time use of

time use of time stamp. Time business began since time stamp. Time business began since February 7 February 7 th

th in H. 17)

in H. 17) I nputting information to Time Business I nputting information to Time Business promotion meeting, participate time promotion meeting, participate time stamp stamp technologies WG. technologies WG.

• Key joint ownership

Key joint ownership technology technology

• Messages

Messages Certification (HMAC) Certification (HMAC)

• Pro

Pro-

• para

para-

• random

random-

• number generation

number generation Ｓｍａｌｌ Ｓｍａｌｌ estimate estimate I nspection of problems in WG of I nspection of problems in WG of CRYPTREC CRYPTREC

Support of CRYPTREC (Hush Function Connection) Support of CRYPTREC (Hush Function Connection) Support of CRYPTREC (Hush Function Connection) Support of CRYPTREC (Hush Function Connection)

Correspondence in NI CT

A cross inspection if reports of the arts & sciences actually influence the users, based on the results, it is contribution greatly to a correspondence policy in CRYPTREC.

22 22

THANK YOU THANK YOU